﻿
using Cl.Utils;
using Cl.Utils.Helper;
using Cl.Utils.Primitives.Class;
using Cl.Utils.Primitives.Const.UserLogin;
using Cl.WebApi.Authorization.Attributes;
using Cl.WebApi.Authorization.CustomerAttributes;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.Controllers;
using Microsoft.AspNetCore.Mvc.Filters;


namespace Cl.WebApi.Controllers
{

    public class BaseController : Controller
    {
        /// <summary>
        /// token
        /// </summary>
        protected string Token { get; private set; } = string.Empty;


        /// <summary>
        /// 执行时操作
        /// </summary>
        /// <param name="context"></param>
        public override void OnActionExecuting(ActionExecutingContext context)
        {
            // 忽略权限验证
            if (HasAllowAnonymous(context))
            {
                base.OnActionExecuting(context);
                return;
            }

            if (GlobalService.SystemConfigGlobal.EnableSafeMode)
            {
                // 校验用户是否是从我们的平台登陆
                switch (GlobalUserManager.GlobalUserInfo.ClientType)
                {
                    case ClientTypeConst.Admin:
                        break;
                    case ClientTypeConst.Customer:
                        break;
                    default:
                        context.Result = new ContentResult() { StatusCode = StatusCodes.Status403Forbidden, Content = "未知来源" };
                        return;
                }
            }

            var methodInfo = context.ActionDescriptor as Microsoft.AspNetCore.Mvc.Controllers.ControllerActionDescriptor;
            if (methodInfo != null)
            {
                //优先黑名单接口校验
                // 查找黑名单接口特性 BlackListAuthorizeActionAttribute
                var BlackListAuthorize = methodInfo.MethodInfo.GetCustomAttributes(typeof(BlackListAuthorizeActionAttribute), false);
                foreach (var attr in BlackListAuthorize)
                {
                    var BlackActionAttr = attr as BlackListAuthorizeActionAttribute;
                    if (BlackActionAttr != null && BlackActionAttr.ClientType == GlobalUserManager.GlobalUserInfo.ClientType)
                    {
                        context.Result = new ContentResult() { StatusCode = StatusCodes.Status403Forbidden, Content = "权限不足" };
                        return;
                    }
                }

                //白名单接口校验
                var WhiteListAuthorize = methodInfo.MethodInfo.GetCustomAttributes(typeof(WhiteListAuthorizeActionAttribute), false);
                foreach (var attr in WhiteListAuthorize)
                {
                    var WhiteActionAttr = attr as WhiteListAuthorizeActionAttribute;
                    if (WhiteActionAttr != null && WhiteActionAttr.ClientType == GlobalUserManager.GlobalUserInfo.ClientType)
                    {
                        return;//放行
                    }
                }
            }

            base.OnActionExecuting(context);
        }

        private bool HasAllowAnonymous(ActionExecutingContext context)
        {
            var endpoint = context.HttpContext.GetEndpoint();
            if (endpoint?.Metadata?.GetMetadata<IAllowAnonymous>() != null)
            {
                return true;
            }
            return false;
        }


    }
}
